FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
1ab7357f-a3c2-406a-89fb-fd00e49a71b5	zeek -- potential DoS vulnerabilities Tim Wojtulewicz of Corelight reports: A specially-crafted series of FTP packets with a CMD command with a large path followed by a very large number of replies could cause Zeek to spend a long time processing the data. A specially-crafted with a truncated header can cause Zeek to overflow memory and potentially crash. A specially-crafted series of SMTP packets can cause Zeek to generate a very large number of events and take a long time to process them. A specially-crafted series of POP3 packets containing MIME data can cause Zeek to spend a long time dealing with each individual file ID. Discovery 2023-05-19 Entry 2023-05-19 zeek < 5.0.9 https://github.com/zeek/zeek/releases/tag/v5.0.9

VuXML ID

Description

1ab7357f-a3c2-406a-89fb-fd00e49a71b5

zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

A specially-crafted series of FTP packets with a CMD command with a large path followed by a very large number of replies could cause Zeek to spend a long time processing the data.

A specially-crafted with a truncated header can cause Zeek to overflow memory and potentially crash.

A specially-crafted series of SMTP packets can cause Zeek to generate a very large number of events and take a long time to process them.

A specially-crafted series of POP3 packets containing MIME data can cause Zeek to spend a long time dealing with each individual file ID.

Discovery 2023-05-19
Entry 2023-05-19
zeek

< 5.0.9

https://github.com/zeek/zeek/releases/tag/v5.0.9